Posts Tagged ‘rule’

Troubleshooting Network Problems

Are you having network connectivity problems? You are unable to connect to another computer, to the Internet or to shared resources within an organization! Then this article will guide you through the basic tools available in Windows 7 and the steps you need to take when troubleshooting network connectivity problems.

Read more…

Share

Be the first to comment - What do you think?  Posted by George - January 15, 2011 at 3:48 am

Categories: Networking, Troubleshooting   Tags: , , , , , , , ,

AppLocker – Part 2: Understanding AppLocker Rules

When you enable AppLocker, the default behavior is secure, that is, Block. This rule is sometimes called the fallback Block. It is worth mentioning again the importance of setting a default Allow rule at least for the administrators (local or domain) as enabling AppLocker without any allows rules may render your computer unusable! AppLocker is organized into four areas called rule collections. The four rule collections are executable files, scripts, Windows Installer files, and DLL files. The following are the file formats included in each rule collection:

  • Executable rules – .exe .com
  • Windows Installer rules - .msi .msp
  • Scripts rules – .ps1 .bat .cmd .vbs  .js
  • DLL rules - .dll .ocx

Rule conditions

Rule conditions are criteria that the AppLocker rule is based on. Primary conditions are required to create an AppLocker rule. The three primary rule conditions are publisher, path, and file hash.

Read more…

Be the first to comment - What do you think?  Posted by George - December 1, 2010 at 3:13 am

Categories: Security   Tags: , , , , , , , , , ,

How to restrict applications using Group Policies

The following procedure shows how to restrict an application from running using Software Restriction Policies. More details about Software Restriction Policies and the available options can be found here

This example shows how to restrict the windows notepad application from executing:

  1. Start the local group policy editor by typing gpedit.msc in the Start search text box
  2. Go to Computer Configuration\Windows Settings\Security Settings\Software Restriction Policies node
  3. Expand the Software Restriction Policies node and select Additional Rules
  4. On the right hand side pane, right click and select New Path Rule…
  5. Click the Browse button to search for Notepad.exe, select it and set the Security level to Disallowed
  6. Click OK
    Read more…

2 comments - What do you think?  Posted by George - November 24, 2010 at 2:58 am

Categories: Security   Tags: , , , , , , ,